Some UK IT personnel admit to not following the same security protocols they are expected to enforce, according to a survey by Absolute Software Corporation. Of those surveyed, 17 per cent of respondents admitted to successfully hacking their own or another organisation. The report also showed that 28 per cent admitted to knowingly circumventing their own security policies.
Stephen Midgley, vice president, Global Marketing, Absolute, said: “Given that IT is the security gatekeeper for an organisation, it was alarming to see such high incidents of non-compliant behaviour by IT personnel. Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”
The report found that security remains at the top of the IT spending list, with 73 per cent of respondents expecting increased investment in security this year. Despite prioritising security and increasing budgets, IT managers believe that employees or insiders represent the greatest security risk to an organisation (50 per cent). This may be related to the fact that on average, 36 per cent of all security protocols are not being followed by staff. It may also explain the high number of security breaches, with 30 per cent of respondents experiencing a data breach within the past year.
IT decision makers also bear the brunt of responsibility. Of those surveyed, 66 per cent believe IT managers are primarily responsible for the organisation’s security. The report also showed that 58 per cent of IT decision makers believe they would likely lose their job in the event of a security breach.
Midgley said: “Despite marked improvements, businesses are still very susceptible to attack. The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”
The age of the IT respondents also impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security.
– Most likely to hack their own organisation: IT professionals aged 18-44 (21 per cent), IT professionals 45-plus (6 per cent)
– Most confident in containing a data breach: IT professionals aged 18-44 (87 per cent), IT professional 45-plus (85 per cent)
– Most comfortable with staffing levels in order to provide effective IT and data security: IT professionals aged 18-44 (82 per cent), IT professionals 45+ (69 per cent).
To download the full report visit https://www.absolute.com/it-confidential-uk
Methodology
The online survey was conducted from October 28, 2015 – November 11, 2015, among 513 UK adults age 18+ who met the following criteria:
Worked in an information security role and hold one of the following positions: IT Director/Executive, IT Manager, IT Administrator, IT Security, or Other IT / information security management role, employed by a company with 50 or more employees.
